Bumps in the road to VHBL

Hey guys, just a quick update on my ongoing port to VHBL, with, sadly, not-so-good news so far.

As I posted a few days ago, I have access to a few interesting user mode exploits in PSP games, all of them candidates for a VHBL port. One of them is actually ready (the one I showcased in videos so far), but for various reasons it cannot be released.

I’ll stop with the secrets here, and give a few of the reasons:

First, it’s basically the only user mode exploit I have with a fully functional port of VHBL. I’d like to have at least a second one available, as a “backup”. Second, the owner(s) of this exploit are not really inclined to make it public for now. Third, the game is not available in the US store, and this would dramatically limit the amount of people interested in the exploit.

Now, what about the other exploits? I have been working on a promising one for the past 2 weeks, but sadly, it’s a tough nut to crack. I could get super simple homebrews to run, but not more complex ones such as (sigh) the VHBL menu. I am still not giving up on this particular exploit, but it is taking much more time than I initially imagined (I’ve already spent close to 30 hours working on that exploit alone). You can see a few details here.

Some other exploits just don’t have the necessary functions required for VHBL. In particular, many old games do not import the function sceUtilityLoadModule, which is today a central piece of VHBL. Thankfully, it is easy to detect these issues early in the development process and discard those games.

Other exploits are just incomplete (I hate those): basically, the author of the exploit sent me a loose proof of concept that only works under some very specific conditions (example: set your language to Spanish and run the exploit on a Tuesday night during a full moon, while singing some Justin Bieber song), without giving me any sort of indication. So I basically have to figure out why the exploit works for them and not for me, then rewrite the exploit from scratch in a more portable way, which is taking lots of precious hours.


Finally, other exploits have “political” issues. Things such as “yeah, it’s a great exploit but XXX is using it as a way to access their kernel exploit and we’d prefer not to release it publicly”. In essence, the exploit I showcased in the recent VHBL videos is one of those. I don’t think it is actually being used by anybody, but it has some good potential and shouldn’t be used for VHBL if alternate solutions are available.

I was hoping to have some good news today, but sadly this is not happening yet. I am still investigating a few user mode exploits. In addition to the ones I already know about, new leads come to me regularly, thanks to you guys. Remember that one person alone cannot drive the whole hacking scene. VHBL wouldn’t be where it is now if it wasn’t for the help of many “not so well known” hackers who provided the user mode exploits in the first place. Finding user mode exploits is not that difficult, but very helpful. If you find some, get in touch with me! Despite what others might say, we always need fresh user mode exploits.


wololo

We are constantly looking for guest bloggers at wololo.net. If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

37 Responses

Thanks wololo for everything. If I was literate in any of this I would definitely help, but unfortunately I cannot. If there was some way to break down how to look for exploits I would definitely help. Anyway, thanks for everything.

What about that update with better compatibility and maybe an updated winner’s appearance from the contest you held for the Super Collapse VHBL port? I hope you still intend on doing an update for the Super Collapse port. Thanks

About VHBL for Super Collapse, is there a specific homebrew you have in mind that doesn’t run as you expect?

To be honest, I’d really, really like to see a few people step up and start helping with improving VHBL, instead of constantly seeing people who ask for improvements. As I mentioned several times, there is a reason it is open source. VHBL is not developed in a secret laboratory, or by a team trying to get all your money and staying closed source. The counterpart is that I’d really appreciate some help once in a while. There’s so much I can do with my limited free time.

Is Patapon 2 still up on the chopping block? It’s a functional exploit (my very first foray into hacking, actually), but the only problem is that you can’t transfer the demo that it needs to work. Maybe someone can get it working for the full game?

I’m not trying to sound stupid, so feel free to school me, but isn’t there a way to wipe the operating system with, like, say, magnets or something? And then from there start with a cell phone OS as scratch and build from there?

I believe the Vita does, just like most games consoles these days, have a hard coded bootup process which is on chips that are read only (their data is permanent and cannot be erased). During these steps several layers of security and encryption are applied, so before the content of the NAND (the chip I believe you were suggesting to erase) is read, the system is already secured, and the NAND content will need to be encrypted in a way that we don’t know in order to be read by the Vita.

I wish there was a way for us to join the battle. I have this theory about the PS Vita. Just a thought: if the PlayStation Suite games running on Android are not emulated, is it possible that the PS Vita is actually Android based and that Sony is only using their KIRK keys to encrypt it? Or is it the other way around, PlayStation Suite has the encryption keys to run PlayStation games on Android? Either way, the PlayStation Suite for Android may be the way to hack our Vita.

Could some clever individual perhaps “take one for the team” with my idea? The PS Suite is a way for devs to get their homebrew apps on the Vita, correct? What if someone were to build a seemingly innocuous program, like a Tetris clone or whatnot, but purposefully leave it open to exploits? That would surely be doable, assuming Sony’s people overlook any concealed security hole.

As Jd8531 said, you’d run a huge legal and financial risk by doing that. I’m pretty sure there is a point in the contract you sign with Sony that says you are liable for any problem that could happen with your program. Also, who in their right mind would take the risk of getting cut off from a revenue source just for the sake of the scene? If I was programming something on the PSS, I would try to make money out of it by following whatever rules Sony put into it, not double-cross Sony.

Basically, as Hene193 said above, in general there is nothing special about these exploits; it’s just that it is inconvenient for the people working on kernel exploits to have to find a new user mode exploit if the one they were using so far becomes public. Of course, they also need to have an exploit in a game that imports the functions they are exploiting for kernel access, which, depending on the kexploit, could be a rare situation, or not.